Someone is either tapped into my PC or has a Key logger How Do I Find It

justwoundering

Honorable
Nov 9, 2013
Some people I used to work with have been harassing me online, and too many strange things have happened. For example, last night I searched a domain name and I was gonna buy it then, and should have, but I said I'll buy it in the morning. When I got up I went to buy the domain; not only was that domain bought, but all the other extensions were bought as well. I did a whois, and who bought it? The people that I am talking about. It seems like every idea I have or everything I'd talk about, they know. How is that possible? I know one time when we were partners in our business venture I had installed TeamViewer and learned he was listening to the audio coming from my studio, as I leave my mic open a lot. He told me audio did not come through TeamViewer, so I wasn't worried about it; then I found out that TeamViewer does not have to be running in processes to be on. One day I said let me start TeamViewer, and automatically it started; he started it from his computer and he was looking at something, and I was testing some audio, and he says turn that down, and I said I thought you couldn't hear anything via TV, and he kind of stumbled over his words. But I've uninstalled that and it on my system. The current security I run is Microsoft Security Essentials, Windows Defender, and AntiMalwarebytes. I keep all my secure passwords and documents on a flash drive, but it still seems he is able to get into my servers and ban IPs. Just a lot of strange things have been happening and it all traces back to him. What are the things I can check, and what should I look for? I thank you very much for your time and appreciate it.
 
First thing to do is right-click on computer and select properties.

On the left, choose the 'Remote Settings' button.

On that screen, make sure the 'Allow remote assistance...' box is un-checked.

Do that now.

And come back.
 


Not Checked

 
A keylogger would likely be run at start-up from the registry.

If we can identify it in Task Manager, it'll be easier to track down in the registry.

Keyloggers bloat the system over time.

They store lots of files with similar names at regular intervals. It just so happens that some keyloggers interrupt MPC when they do that.

If you don't have it, you should Google 'k-lite codec pack', download a copy and install it.

It would be a strong clue.
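
Added example, not part of the original thread or written by any of its posters: one way to list what starts from the registry Run keys and the Startup folders mentioned above, with the Authenticode signature status of each target. The helper function name `Get-ExePath` is made up for this sketch; it only reads, and it should be run from an elevated PowerShell prompt.

```powershell
# Added example: enumerate auto-start entries and check each target's signature.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ExePath([string]$command) {
    # Hypothetical helper: pull the program path out of a start-up command line,
    # e.g.  "C:\Program Files\App\app.exe" /background
    $expanded = [Environment]::ExpandEnvironmentVariables($command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|dll|bat|cmd|vbs|js|scr))(\s|$)') { return $Matches[1] }
    return $expanded.Trim()
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }          # key absent on this system
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd  = [string]$item.GetValue($name)
        $path = Get-ExePath $cmd
        $sig  = if (Test-Path -LiteralPath $path -PathType Leaf) {
                    (Get-AuthenticodeSignature -FilePath $path).Status
                } else { 'FileNotFound' }            # bare names such as rundll32.exe land here
        New-Object PSObject -Property @{
            Key = $key; Name = $name; Command = $cmd; Signature = $sig
        }
    }
}

# Per-user and all-users Startup folders (shortcuts and scripts dropped here also run at logon)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
$startupFiles = Get-ChildItem -Path $startupDirs -Force -ErrorAction SilentlyContinue |
    Select-Object FullName, LastWriteTime

$entries | Sort-Object Signature | Format-Table Name, Signature, Command -AutoSize -Wrap
$startupFiles | Format-Table -AutoSize
```

Entries reported as `NotSigned` or `FileNotFound` are the ones to look up first. A `Valid` signature only says who published the file, and commercial monitoring and remote-access tools are normally signed.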

 
Keyloggers' saved files should be easy to identify.

Are you sharing your computer on a network?

We have to work out how access to those files is being gained.

If they are in a shared folder, they could be accessed by someone connected to your network.

Does anyone have enough access to your computer to e-mail such files to themselves freely?
 


I have Windows Media Player, but the Windows 7 version, and I played a 7 min short film full screen fine?
 


My Processes http://prntscr.com/22wg15

http://prntscr.com/22wg40

I checked my event log and I have a ton of errors today. Not great like you guys at computers, but I know more than the average person.

Error 11/9/2013 12:07:30 AM Firebird SQL Server 0 None
Error 11/9/2013 12:07:30 AM Firebird SQL Server 0 None
Error 11/8/2013 11:30:42 PM CAPI2 513 None
Error 11/8/2013 11:02:29 PM MsiInstaller 10005 None
Error 11/8/2013 11:02:19 PM MsiInstaller 10005 None
Error 11/8/2013 11:02:19 PM MsiInstaller 10005 None
Error 11/8/2013 11:02:18 PM MsiInstaller 10005 None
Error 11/8/2013 7:44:12 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:11 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:10 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:09 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:09 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:08 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:07 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:06 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:06 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:05 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:05 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:04 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:04 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:03 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:03 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:03 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:02 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:02 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:02 PM Kernel-EventTracing 2 Session
Error 11/8/2013 7:44:02 PM Kernel-EventTracing 2 Session
Warning 11/8/2013 7:43:49 PM Microsoft Antimalware 1002 None
Error 11/8/2013 7:43:44 PM DistributedCOM 10010 None
Error 11/8/2013 4:54:15 PM SideBySide 35 None
Error 11/8/2013 4:51:13 AM Service Control Manager 7016 None
Error 11/8/2013 4:51:13 AM Service Control Manager 7016 None
Error 11/8/2013 4:44:51 AM SideBySide 35 None
Error 11/8/2013 3:44:10 AM SideBySide 35 None
Error 11/8/2013 3:44:08 AM SideBySide 35 None
Error 11/8/2013 2:29:35 AM SideBySide 35 None
Warning 11/8/2013 1:30:37 AM Kernel-PnP 219 (212)
Error 11/8/2013 12:32:32 AM SideBySide 35 None
Warning 11/8/2013 12:14:08 AM DNS Client Events 1014 None
Warning 11/8/2013 12:14:05 AM Dhcp-Client 1003 Address Configuration State Event
Warning 11/8/2013 12:14:04 AM DNS Client Events 1014 None
Warning 11/8/2013 12:14:03 AM e1cexpress 27 None
Warning 11/8/2013 12:13:18 AM DNS Client Events 1014 None
Warning 11/8/2013 12:12:57 AM e1cexpress 27 None
 
In order to try and find the files generated by the keylogger, I would first go to Control Panel and click on folder options, select the 'View' tab and click on 'Show hidden files and folders'.

Apply. Done.

Now open Computer and click on the C: drive in the left-hand window to select, not open it.

Now go to the address bar at the top-right of the window and type '*.*' (without the quotes.)

Just beneath what you type is an option to specify 'date and time', click it.

Select yesterday's date and press enter. The search could take a while, so be patient.
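
Added example, not part of the original thread or written by any of its posters: the same "everything written yesterday" search done from PowerShell, including hidden and system files, with the results grouped by folder so that a folder receiving many files over the day stands out. The threshold of 10 files is an assumption chosen for illustration.

```powershell
# Added example: files written yesterday on C:, summarised per folder. Read-only.
$root  = 'C:\'                         # drive to scan
$start = (Get-Date).Date.AddDays(-1)   # yesterday 00:00
$end   = (Get-Date).Date               # today 00:00
$minFiles = 10                         # assumption: ignore folders with fewer files

# -Force includes hidden and system files; access-denied folders are skipped silently
$recent = Get-ChildItem -Path $root -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and
                   $_.LastWriteTime -ge $start -and $_.LastWriteTime -lt $end }

$recent | Group-Object DirectoryName |
    Where-Object { $_.Count -ge $minFiles } |
    ForEach-Object {
        $byTime = @($_.Group | Sort-Object LastWriteTime)
        New-Object PSObject -Property @{
            Folder     = $_.Name
            Files      = $_.Count
            First      = $byTime[0].LastWriteTime    # earliest write in the window
            Last       = $byTime[-1].LastWriteTime   # latest write in the window
            Extensions = (($_.Group | ForEach-Object { $_.Extension } |
                           Sort-Object -Unique) -join ',')
        }
    } |
    Sort-Object Files -Descending |
    Format-Table Folder, Files, First, Last, Extensions -AutoSize -Wrap
```

Browser caches, temp folders and Windows log folders will appear in this list on any machine, so what matters is a folder you cannot account for that is written to throughout the day.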
 
Do you know what application SAMBC.exe is associated with?

Description: The file SAMBC.exe is located in a subfolder of "C:\Program Files". The file size on Windows 7/XP is 4,832,768 bytes. http://www.file.net/process/sambc.exe.html
There is no information about the author of the file. The file is not a Windows system file. The program is not visible. The application listens for or sends data on open ports to a LAN or the Internet. SAMBC.exe is able to connect to the Internet and record inputs. Therefore the technical security rating is 55% dangerous.

Do you use your computer for that kind of thing?
 



Yes I am. I run a 24/7 streaming online radio website and this is what this is all related to. Is it possible he is getting in through that?